If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Wireshark & Monitor Mode (AWUS036H) trouble

Hi,
I've installed Backtrack 5R1 and i have a trouble to get the monitor mode working in Wireshark.
I connect the card and start monitor mode via airmon-ng. Then I' start the Wireshark and select the mon0 interface. But the checkbox for Enabling monitor mode is grey. I'm using the AWUS036H card with RTL8187 chipset.
Is there some trick to enable the monitor mode in Wireshark.
Now I'm using the clean install of Backtrack R5.
I've had the same issue with Backtrack 4. I've tried to compile new version of Wireshark from SVN, with newest libpcap. But without any success.

Re: Wireshark & Monitor Mode (AWUS036H) trouble

Have you tried other wireless tools (e.g. Kismet, airodump-ng, etc) to see how they work? Also, have you tried just plugging your card in & turning on monitor mode from within Wireshark (skipping the airmon-ng step)?

I'm not a Wireshark pro, but I prefer to do my packet capture using something other than Wireshark, then load the pcapdump files into Wireshark for analysis.

If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

Re: Wireshark & Monitor Mode (AWUS036H) trouble

Originally Posted by scottm99

Also, have you tried just plugging your card in & turning on monitor mode from within Wireshark (skipping the airmon-ng step)?

@scottm99:
you may not be a "wireshark pro" as you posted, but you are absolutely correct as this is not actually wireshark specific. allowing airmon-ng (or any other process) to put the card into monitor mode, will not allow another process to use the same wireless interface in monitor mode at the same time. the interface is greyed within wireshark; because the interface is already in use by the other process which was loaded first.